+
+sub add_dnat_mangle_rules {
+ my $nat_address = shift;
+ my @options = @_;
+
+ my $mark = 0;
+ foreach my $zone ("GREEN", "BLUE", "ORANGE") {
+ $mark++;
+
+ # Skip rule if not all required information exists.
+ next unless (exists $defaultNetworks{$zone . "_NETADDRESS"});
+ next unless (exists $defaultNetworks{$zone . "_NETMASK"});
+
+ my @mangle_options = @options;
+
+ my $netaddress = $defaultNetworks{$zone . "_NETADDRESS"};
+ $netaddress .= "/" . $defaultNetworks{$zone . "_NETMASK"};
+
+ push(@mangle_options, ("-s", $netaddress, "-d", $nat_address));
+ push(@mangle_options, ("-j", "MARK", "--set-mark", $mark));
+
+ run("$IPTABLES -t mangle -A $CHAIN_MANGLE_NAT_DESTINATION_FIX @mangle_options");
+ }
+}